The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2023-5981 | A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. | -- | Nov 17, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-41913 | strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm\'s DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message. | -- | Nov 22, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6228 | An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash. | -- | Nov 23, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48706 | Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may later then be accessed by the initial `:s` command. The user must intentionally execute the payload and the whole process is a bit tricky to do since it seems to work only reliably for the very first :s command. It may also cause a crash of Vim. Version 9.0.2121 contains a fix for this issue. | -- | Nov 24, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-47038 | A vulnerability was found in perl. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer. | -- | Nov 27, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6277 | An out-of-memory flaw was found in libtiff. Passing a crafted tiff file to TIFFOpen() API may allow a remote attacker to cause a denial of service via a craft input with size smaller than 379 KB. | -- | Nov 27, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-39326 | A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of data (up to about 1GiB) when a handler fails to read the entire body of a request. Chunk extensions are a little-used HTTP feature which permit including additional metadata in a request or response body sent using the chunked encoding. The net/http chunked encoding reader discards this metadata. A sender can exploit this by inserting a large metadata segment with each byte transferred. The chunk reader now produces an error if the ratio of real body to encoded bytes grows too small. | -- | Nov 30, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-47100 | In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \\p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0. | -- | Dec 3, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-46751 | An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. | -- | Dec 7, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-46218 | This flaw allows a malicious HTTP server to set super cookies in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl\'s function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain. | LOW | Dec 7, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-45866 | Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. | -- | Dec 8, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-50495 | NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry(). | -- | Dec 12, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6478 | A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. | -- | Dec 13, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6377 | A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. | -- | Dec 13, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-39804 | In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. | -- | Dec 13, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-50472 | cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_SetValuestring at cJSON.c. | LOW | Dec 14, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-50471 | cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c. | LOW | Dec 14, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6817 | A use-after-free vulnerability in the Linux kernel\'s netfilter: nf_tables component can be exploited to achieve local privilege escalation. The function nft_pipapo_walk did not skip inactive elements during set walk which could lead double deactivations of PIPAPO (Pile Packet Policies) elements, leading to use-after-free. We recommend upgrading past commit 317eb9685095678f2c9f5a8189de698c5354316a. | -- | Dec 18, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51385 | In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name. | -- | Dec 19, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6932 | A use-after-free vulnerability in the Linux kernel\'s ipv4: igmp component can be exploited to achieve local privilege escalation. A race condition can be exploited to cause a timer be mistakenly registered on a RCU read locked object which is freed by another thread. We recommend upgrading past commit e2b706c691905fe78468c361aaabc719d0a496f1. | -- | Dec 19, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-6931 | A heap out-of-bounds write vulnerability in the Linux kernel\'s Performance Events system component can be exploited to achieve local privilege escalation. A perf_event\'s read_size can overflow, leading to an heap out-of-bounds increment or write in perf_read_group(). We recommend upgrading past commit 382c27f4ed28f803b1f1473ac2d8db0afc795a1b. | -- | Dec 19, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-7042 | A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trigger a denial of service. | -- | Dec 21, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-6546 | A race condition was found in the GSM 0710 tty multiplexor in the Linux kernel. This issue occurs when two threads execute the GSMIOC_SETCONF ioctl on the same tty file descriptor with the gsm line discipline enabled, and can lead to a use-after-free problem on a struct gsm_dlci while restarting the gsm mux. This could allow a local unprivileged user to escalate their privileges on the system. | -- | Dec 21, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51782 | An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition. | -- | Dec 27, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51781 | An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition. | -- | Dec 27, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51780 | An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. | -- | Dec 27, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51779 | bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition. | -- | Dec 27, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-7104 | A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999. | -- | Dec 28, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6531 | A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector\'s deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. | -- | Dec 28, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2024-0193 | A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system. | -- | Jan 2, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-7192 | A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow. | -- | Jan 2, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-34324 | Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen console interrupt in an unprivileged guest. The closing of an event channel is e.g. triggered by removal of a paravirtual device on the other side. As this action will cause console messages to be issued on the other side quite often, the chance of triggering the deadlock is not neglectable. Note that 32-bit Arm-guests are not affected, as the 32-bit Linux kernel on Arm doesn\'t use queued-RW-locks, which are required to trigger the issue (on Arm32 a waiting writer doesn\'t block further readers to get the lock). | -- | Jan 5, 2024 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2024-0340 | A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file. | -- | Jan 9, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-6040 | An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access. | -- | Jan 12, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2022-48619 | An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can cause a denial of service (panic) because input_set_capability mishandles the situation in which an event code falls outside of a bitmap. | -- | Jan 12, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2024-0443 | A flaw was found in the blkgs destruction path in block/blk-cgroup.c in the Linux kernel, leading to a cgroup blkio memory leakage problem. When a cgroup is being destroyed, cgroup_rstat_flush() is only called at css_release_work_fn(), which is called when the blkcg reference count reaches 0. This circular dependency will prevent blkcg and some blkgs from being freed after they are made offline. This issue may allow an attacker with a local access to cause system instability, such as an out of memory error. | -- | Jan 12, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2024-0584 | Rejected reason: Do not use this CVE as it is duplicate of CVE-2023-6932 | -- | Jan 16, 2024 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2024-0582 | A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system. | -- | Jan 16, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2024-0565 | An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service. | -- | Jan 16, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2024-0562 | A use-after-free flaw was found in the Linux Kernel. When a disk is removed, bdi_unregister is called to stop further write-back and waits for associated delayed work to complete. However, wb_inode_writeback_end() may schedule bandwidth estimation work after this has completed, which can result in the timer attempting to access the recently freed bdi_writeback. | -- | Jan 16, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-6915 | A Null pointer dereference problem was found in ida_free in lib/idr.c in the Linux Kernel. This issue may allow an attacker using this library to cause a denial of service problem due to a missing check at a function return. | -- | Jan 16, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2024-0646 | An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system. | -- | Jan 17, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2024-0641 | A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel’s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system. | -- | Jan 17, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2024-0639 | A denial of service vulnerability due to a deadlock was found in sctp_auto_asconf_init in net/sctp/socket.c in the Linux kernel’s SCTP subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system. | -- | Jan 17, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2024-21886 | A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments. | -- | Jan 17, 2024 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2024-21885 | A flaw was found in X.Org server. In the XISendDeviceHierarchyEvent function, it is possible to exceed the allocated array length when certain new device IDs are added to the xXIHierarchyInfo struct. This can trigger a heap buffer overflow condition, which may lead to an application crash or remote code execution in SSH X11 forwarding environments. | -- | Jan 17, 2024 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2024-0409 | A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context. | -- | Jan 17, 2024 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2024-0408 | A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL. | -- | Jan 17, 2024 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2024-0229 | An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments. | -- | Jan 17, 2024 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-6816 | A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device\'s particular number of buttons, leading to a heap overflow if a bigger value was used. | -- | Jan 17, 2024 | 10.19.45.31 (Wind River Linux LTS 19) |
